Revisiting Location Privacy from a Side-Channel Analysis Viewpoint

  • Clément MassartEmail author
  • François-Xavier Standaert
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11627)


Inspired by the literature on side-channel attacks against cryptographic implementations, we describe a framework for the analysis of location privacy. It allows us to revisit (continuous) re-identification attacks with a combination of information theoretic and security metrics. Our results highlight conceptual differences between re-identification attacks exploiting leakages that are internal or external to a pseudonymised database. They put forward the amount of data to collect in order to estimate a predictive model as an important – yet less discussed – dimension of privacy assessments. They finally leverage recent results on the security evaluations/certification of cryptographic implementations to connect information theoretic and security metrics, and to formally bound the risk of re-identification with external leakages.



François-Xavier Standaert is a Senior Research Associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). This work has been funded in parts by the ERC project SWORD (Consolidator Grant 724725).

Supplementary material


  1. 1.
    Andrés, M.E., Bordenabe, N.E., Chatzikokolakis, K., Palamidessi, C.: Geo-indistinguishability: differential privacy for location-based systems. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.), ACM SIGSAC, pp. 901–914. ACM (2013)Google Scholar
  2. 2.
    Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. IEEE Pervasive Comput. 2(1), 46–55 (2003)CrossRefGoogle Scholar
  3. 3.
    Bronchain, O., Hendrickx, J.M., Massart, C., Olshevsky, A., Standaert, F.-X.: Leakage certification revisited: Bounding model errors in side-channel security evaluations. IACR Cryptology ePrint Archive 2019:132 (2019)Google Scholar
  4. 4.
    Cho, E., Myers, S.A., Leskovec, J.: Friendship and mobility: user movement in location-based social networks. In: Apté, C., Ghosh, J., Smyth, P. (eds.) ACM SIGKDD, pp. 1082–1090. ACM (2011)Google Scholar
  5. 5.
    de Montjoye, Y.-A., Hidalgo, C.A., Verleysen, M., Blondel, V.: Unique in the crowd: the privacy bounds of human mobility. Nat. Sci. Rep. 3(1376), 5 (2013)Google Scholar
  6. 6.
    de Montjoye, Y.-A., Radaelli, L., Singh, V.K., Pentland, A.S.: Unique in the shopping mall: on the reidentifiability of credit card metadata. Science 347(6221), 536–539 (2015)CrossRefGoogle Scholar
  7. 7.
    Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003). Scholar
  8. 8.
    Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401–429. Springer, Heidelberg (2015). Scholar
  9. 9.
    Durvaux, F., Standaert, F.-X., Pozo, S.M.D.: Towards easy leakage certification: extended version. J. Cryptographic Engineering 7(2), 129–147 (2017)CrossRefGoogle Scholar
  10. 10.
    Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 459–476. Springer, Heidelberg (2014). Scholar
  11. 11.
    Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008). Scholar
  12. 12.
    Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4), 1–53 (2010)CrossRefGoogle Scholar
  13. 13.
    Gambs, S., Killijian, M.-O., del Prado Cortez, M.N.: Next place prediction using mobility markov chains. In: Proceedings of the First Workshop on Measurement, Privacy, and Mobility, MPM 2012, pp. 3:1–3:6 (2012)Google Scholar
  14. 14.
    Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: L-diversity: privacy beyond k-anonymity. TKDD 1(1), 3 (2007)CrossRefGoogle Scholar
  15. 15.
    Maouche, M., Ben Mokhtar, S., Bouchenak, S.: Ap-attack: a novel re-identification attack on mobility datasets. In: Kaafar, D., Zhou, G. (eds.) MobiQuitous. ACM (2017)Google Scholar
  16. 16.
    Oya, S., Troncoso, C., Pérez-González, F.: Is geo-indistinguishability what you are looking for? In: Thuraisingham, B.M., Lee, A.J. (eds.) Proceedings of the 2017 on Workshop on Privacy in the Electronic Society, pp. 137–140. ACM (2017)Google Scholar
  17. 17.
    Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information (abstract). In: Mendelzon, A.O., Paredaens, J. (eds.) ACM SIGACT-SIGMOD-SIGART, p. 188. ACM Press (1998)Google Scholar
  18. 18.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003). Scholar
  19. 19.
    Shokri, R., Theodorakopoulos, G., Le Boudec, J.-Y., Hubaux, J.-P.: IEEE s&p. pp. 247–262. IEEE Computer Society (2011)Google Scholar
  20. 20.
    Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.ICTEAM - Crypto GroupUniversité Catholique de LouvainLouvain-la-NeuveBelgium

Personalised recommendations